In preparation for my new 'Achieving Hi-Fidelity Security' research project, I thought I would post a relevant blog I wrote for InformationSecurityBuzz.com. I have packet capture data for forensics, isn’t that enough? No! Of late, I have briefed with a number of companies that provide full network packet capture capabilities. They tout its benefits and that [...]

Though cyber attacks have been around for years, in 2014 there was an explosion in the volume of attacks and a marked increase in the losses and damages they inflicted. In 2015, this does not seem to be lightening up. In February, Anthem health care insurers were compromised, putting 80 million current and former customers [...]

Historically, many organizations and personnel have been concerned about user activity monitoring (UAM). Certain business cultures feel that these activities are an invasion of privacy or are distrustful. However, in today’s Internet-connected, data-driven world, having specific information or data means the difference between being a market leader and being out of business. Identifying [...]

A few weeks ago, I briefed with a new company called PFP Cybersecurity, also known as Power Fingerprinting, Inc., and was so intrigued by the concept alone that I wrote a Vendor to Watch about them. They officially launched on January 26, and currently their claim to fame is their physics-based scanning technology which monitors [...]

I have a new guest blog just posted for Tufin around Security Policy Orchestration. You can check it out here. It discusses the benefits of using Security Policy Orchestration when defining software-defined data centers (SDDCs). By supporting a centralized security policy across physical and virtual networks via a single interface, security change management provides many benefits including: Application [...]

Working in information security for the past 20 years, I have seen a lot. Though there have been many multi-million dollar impact breaches, the recent Sony Pictures hack and subsequent data exposure and extortion is probably the most impactful to a company out of the previous breaches this year. Recent articles revealed that [...]

When I started out in security, only very large organizations with a mature set of business processes dared to talk about implementing some form of governance, risk, and compliance (GRC) or enterprise program (e-GRC). They generally did it in an attempt to get ISO or similar certification, or to "move their programs to the next [...]

There is no disagreement that the current mag-stripe technology used in the USA and other countries outside of the EU is antiquated and lends itself to fraud. The data is easily copied using various methods from manual card data copying and shoulder surfing, to database compromise and POS terminal malware. Cards can be reproduced with [...]

The Cloud Security Alliance (CSA) is a not-for-profit think tank of volunteers that spend their time trying to better the internet. These people are the antithesis of cybercriminals; they spend their energy trying to figure out ways to make our data safer. They create best practices for providing security assurance within cloud computing, or in [...]

In looking at the solutions available for threat protection (and detection), there are quite a few options out there. Some, like Damballa Failsafe, are network-based, vigilantly watching packets across the network and looking for indications of undesirable activities/behaviors and content. Others are host-based, like Bit9 + Carbon Black, using an agent on the endpoint, [...]